summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--conf/inspircd.conf.example395
-rw-r--r--conf/links.conf.example111
-rw-r--r--conf/modules.conf.example89
-rw-r--r--conf/opers.conf.example116
4 files changed, 352 insertions, 359 deletions
diff --git a/conf/inspircd.conf.example b/conf/inspircd.conf.example
index fc8c1962c..ede4a5d4e 100644
--- a/conf/inspircd.conf.example
+++ b/conf/inspircd.conf.example
@@ -22,6 +22,9 @@
# #
# $Id$ #
# #
+# If you would like more detailed options, but a slightly more #
+# painful configuration, please see inspircd.conf.example.old #
+# #
# ____ _ _____ _ _ ____ _ _ _ #
# | _ \ ___ __ _ __| | |_ _| |__ (_)___ | __ )(_) |_| | #
# | |_) / _ \/ _` |/ _` | | | | '_ \| / __| | _ \| | __| | #
@@ -39,45 +42,42 @@
# #
########################################################################
+#-#-#-#-#-#-#-#-#-# INCLUDE CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#-#-#
+# #
+# This optional tag allows you to include another config file #
+# allowing you to keep your configuration tidy. The configuration #
+# file you include will be treated as part of the configuration file #
+# which includes it, in simple terms the inclusion is transparent. #
+# #
+# All paths to config files are relative to the directory of the main #
+# config file inspircd.conf, unless the filename starts with a forward#
+# slash (/) in which case it is treated as an absolute path. #
+# #
+# You may also include an executable file, in which case if you do so #
+# the output of the executable on the standard output will be added #
+# to your config at the point of the include tag. #
+# #
+# Syntax is as follows: #
+#<include file="file.conf"> #
+#<include executable="/path/to/executable parameters"> #
+# #
+
#-#-#-#-#-#-#-#-#-#-#-#- SERVER DESCRIPTION -#-#-#-#-#-#-#-#-#-#-#-#-
# #
# Here is where you enter the information about your server. #
# #
-# Syntax is as follows: #
-# #
-# <server name="server.name" #
-# description="Server Description" #
-# id="serverid" #
-# network="MyNetwork"> #
-# #
-# The server name should be a syntactically valid hostname, with at #
-# least one '.', and does not need to resolve to an IP address. #
-# #
-# The description is freeform text. Remember you may put quotes in #
-# this field by escaping it using \". #
-# #
-# The network field indicates the network name given in on connect #
-# to clients. It is used by many clients such as mIRC to select a #
-# perform list, so it should be identical on all servers on a net #
-# and should not contain spaces. #
-# #
-# The server ID is optional, and if omitted automatically calculated #
-# from the server name and description. This is similar in #
-# in behaviour to the server id on ircu and charybdis ircds. #
-# You should only need to set this manually if there is a collision #
-# between two server ID's on the network. The server ID must be #
-# three digits or letters long, of which the first digit must always #
-# be a number, and the other two letters may be any of 0-9 and A-Z. #
-# For example, 3F9, 03J and 666 are all valid server IDs, and A9D, #
-# QFX and 5eR are not. Remember, in most cases you will not need to #
-# even set this value, it is calculated for you from your server #
-# name and description. Changing these will change your auto- #
-# generated ID. #
-# #
-
-<server name="penguin.omega.org.za"
+
+<server
+ # name: Hostname of your server. Does not need to be valid.
+ name="penguin.omega.org.za"
+
+ # description: Server description. Spaces are allowed.
description="Waddle World"
+
+ # network: Network name given on connect to clients.
+ # Should be the same on all servers on the network and
+ # not contain spaces.
network="Omega">
@@ -199,26 +199,6 @@
<power diepass="" restartpass="" pause="2">
-#-#-#-#-#-#-#-#-#-# INCLUDE CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#-#-#
-# #
-# This optional tag allows you to include another config file #
-# allowing you to keep your configuration tidy. The configuration #
-# file you include will be treated as part of the configuration file #
-# which includes it, in simple terms the inclusion is transparent. #
-# #
-# All paths to config files are relative to the directory of the main #
-# config file inspircd.conf, unless the filename starts with a forward#
-# slash (/) in which case it is treated as an absolute path. #
-# #
-# You may also include an executable file, in which case if you do so #
-# the output of the executable on the standard output will be added #
-# to your config at the point of the include tag. #
-# #
-# Syntax is as follows: #
-#<include file="file.conf"> #
-#<include executable="/path/to/executable parameters"> #
-# #
-
#-#-#-#-#-#-#-#-#-#- CONNECTIONS CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
# #
# This is where you can configure which connections are allowed #
@@ -366,310 +346,13 @@
ipv4clone="32"
ipv6clone="128">
-#-#-#-#-#-#-#-#-#-#-#-#- CLASS CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-
-# #
-# Classes are a group of commands which are grouped together and #
-# given a unique name. They're used to define which commands #
-# are available to certain types of Operators. #
-# #
-# Syntax is as follows: #
-# #
-# <class name="name" commands="oper commands" #
-# usermodes="allowed oper only usermodes" #
-# chanmodes="allowed oper only channelmodes"> #
-# #
-# The name value indicates a name for this class. #
-# The commands value indicates a list of one or more commands that #
-# are allowed by this class (see also 'READ THIS BIT' below). #
-# The usermodes and chanmodes values indicate lists of usermodes and #
-# channel modes this oper can execute. This only applies to modes #
-# that are marked oper-only such as usermode +Q and channelmode +O. #
-# ____ _ _____ _ _ ____ _ _ _ #
-# | _ \ ___ __ _ __| | |_ _| |__ (_)___ | __ )(_) |_| | #
-# | |_) / _ \/ _` |/ _` | | | | '_ \| / __| | _ \| | __| | #
-# | _ < __/ (_| | (_| | | | | | | | \__ \ | |_) | | |_|_| #
-# |_| \_\___|\__,_|\__,_| |_| |_| |_|_|___/ |____/|_|\__(_) #
-# #
-# You are not forced to give these classes the names given below. #
-# You can create your own named classes, if you want, in fact that #
-# is the whole idea of this system! #
-# #
-# Note: It is possible to make a class which covers all available #
-# commands. To do this, specify commands="*". This is not really #
-# recommended, as it negates the whole purpose of the class system, #
-# however it is provided for fast configuration (e.g. in test nets) #
-# #
-
-<class name="Shutdown" commands="DIE RESTART REHASH LOADMODULE UNLOADMODULE RELOAD" usermodes="*" chanmodes="*">
-<class name="ServerLink" commands="CONNECT SQUIT RCONNECT MKPASSWD MKSHA256" usermodes="*" chanmodes="*">
-<class name="BanControl" commands="KILL GLINE KLINE ZLINE QLINE ELINE" usermodes="*" chanmodes="*">
-<class name="OperChat" commands="WALLOPS GLOBOPS SETIDLE SPYLIST SPYNAMES" usermodes="*" chanmodes="*">
-<class name="HostCloak" commands="SETHOST SETIDENT SETNAME CHGHOST CHGIDENT" usermodes="*" chanmodes="*">
-
-
-#-#-#-#-#-#-#-#-#-#-#-#- OPERATOR COMPOSITION -#-#-#-#-#-#-#-#-#-#-#
-# #
-# This is where you specify which types of operators you have on #
-# your server, as well as the commands they are allowed to use. #
-# This works alongside with the classes specified above. #
-# #
-# type name - A name for the combined class types. #
-# a type name cannot contain spaces, however if you #
-# put an _ symbol in the name, it will be translated #
-# to a space when displayed in a WHOIS. #
-# #
-# classes - Specified above, used for flexibility for the #
-# server admin to decide on which operators get #
-# what commands. Class names are case sensitive, #
-# separate multiple class names with spaces. #
-# #
-# host - Optional hostmask operators will receive on oper-up. #
-# #
-# Syntax is as follows: #
-# #
-# <type name="name" classes="class names" host="oper hostmask"> #
-# #
-# ____ _ _____ _ _ ____ _ _ _ #
-# | _ \ ___ __ _ __| | |_ _| |__ (_)___ | __ )(_) |_| | #
-# | |_) / _ \/ _` |/ _` | | | | '_ \| / __| | _ \| | __| | #
-# | _ < __/ (_| | (_| | | | | | | | \__ \ | |_) | | |_|_| #
-# |_| \_\___|\__,_|\__,_| |_| |_| |_|_|___/ |____/|_|\__(_) #
-# #
-# You are not forced to give these types the names given below. #
-# You can create your own named types, if you want, in fact that #
-# is the whole idea of this system! #
-# #
-
-<type name="NetAdmin" classes="OperChat BanControl HostCloak Shutdown ServerLink" host="netadmin.omega.org.za">
-<type name="GlobalOp" classes="OperChat BanControl HostCloak ServerLink" host="ircop.omega.org.za">
-<type name="Helper" classes="HostCloak" host="helper.omega.org.za">
-
-
-#-#-#-#-#-#-#-#-#-#-#- OPERATOR CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
-# #
-# Opers are defined here. This is a very important section. #
-# Remember to only make operators out of trust worthy people. #
-# #
-# name - Oper name, this is case sensitive, so it is best to #
-# use lower-case. #
-# #
-# password - Password to oper-up, also case sensitive. #
-# encryption is supported via modules. You may load #
-# modules for MD5 or SHA256 encryption, and if you do, #
-# this value will be a hash value, otherwise put a #
-# plaintext password in this value. #
-# #
-# host - Hosts of client allowed to oper-up. #
-# wildcards accepted, separate multiple hosts with a #
-# space. You may also specify CIDR IP addresses. #
-# #
-# fingerprint - When using the m_ssl_oper_cert.so module, you may #
-# specify a key fingerprint here. This can be obtained #
-# using the /fingerprint command whilst the module is #
-# loaded, or from the notice given to you when you #
-# connect to the ircd using a client certificate, #
-# and will lock this oper block to only the user who #
-# has that specific key/certificate pair. #
-# this enhances security a great deal, however it #
-# requires that opers use clients which can send ssl #
-# client certificates, if this is configured for that #
-# oper. Note that if the m_ssl_oper.so module is not #
-# loaded, and/or one of m_ssl_openssl or m_ssl_gnutls #
-# is not loaded, this configuration option has no #
-# effect and will be ignored. #
-# #
-# type - Defines the kind of operator. This must match a type #
-# tag you defined above, and is case sensitive. #
-# #
-# Syntax is as follows: #
-# <oper name="login" #
-# password="pass" #
-# host="hostmask@of.oper" #
-# fingerprint="hexsequence" #
-# type="oper type"> #
-# #
-
-<oper name="Brain"
- password="s3cret"
- host="ident@dialup15.isp.com *@localhost *@server.com *@3ffe::0/16"
- type="NetAdmin">
-
-
-#-#-#-#-#-#-#-#-#-#-#- SERVER LINK CONFIGURATION -#-#-#-#-#-#-#-#-#-#
-# #
-# Defines which servers can link to this one, and which servers this #
-# server may create outbound links to. #
-# #
-# name - The name is the canonical name of the server, does #
-# not have to resolve - but it is expected to be set #
-# in the remote servers connection info. #
-# #
-# ipaddr - Valid host or IP address for remote server. These #
-# hosts are resolved on rehash, and cached, if you #
-# specify a hostname; so if you find that your server #
-# is still trying to connect to an old IP after you #
-# have updated your DNS, try rehashing and then #
-# attempting the connect again. #
-# #
-# port - The TCP port for the remote server. #
-# #
-# sendpass - Password to send to create an outbound connection #
-# to this server. #
-# #
-# recvpass - Password to receive to accept an inbound connection #
-# from this server. #
-# #
-# autoconnect - Sets the server to autoconnect. Where x is the num. #
-# (optional) of seconds between attempts. e.g. 300 = 5 minutes. #
-# #
-# transport - If defined, this is a transport name implemented by #
-# another module. Transports are layers on top of #
-# plaintext connections, which alter them in certain #
-# ways. Currently the three supported transports are #
-# 'openssl' and 'gnutls' which are types of SSL #
-# encryption, and 'zip' which is for compression. #
-# If you define a transport, both ends of the #
-# connection must use a compatible transport for the #
-# link to succeed. OpenSSL and GnuTLS are link- #
-# compatible with each other. #
-# #
-# statshidden - When using m_spanningtree.so for linking. you may #
-# set this to 'yes', and if you do, the IP address/ #
-# hostname of this connection will NEVER be shown to #
-# any opers on the network. In /stats c its address #
-# will show as *@<hidden>, and during CONNECT and #
-# inbound connections, it's IP will show as <hidden> #
-# UNLESS the connection fails (e.g. due to a bad #
-# password or servername) #
-# #
-# allowmask - When this is defined, it indicates a range of IP #
-# addresses to allow for this link (You may use CIDR #
-# or wildcard form for this address). #
-# e.g. if your server is going to connect to you from #
-# the range 1.2.3.1 through 1.2.3.255, put 1.2.3.0/24 #
-# into this value. If it is not defined, then only #
-# the ipaddr field of the server shall be allowed. #
-# #
-# failover - If you define this option, it must be the name of a #
-# different link tag in your configuration. This #
-# option causes the ircd to attempt a connection to #
-# the failover link in the event that the connection #
-# to this server fails. For example, you could define #
-# two hub uplinks to a leaf server, and set an #
-# american server to autoconnect, with a european #
-# hub as its failover. In this situation, your ircd #
-# will only try the link to the european hub if the #
-# american hub is unreachable. NOTE that for the #
-# intents and purposes of this option, an unreachable #
-# server is one which DOES NOT ANSWER THE CONNECTION. #
-# If the server answers the connection with accept(), #
-# EVEN IF THE CREDENTIALS ARE INVALID, the failover #
-# link will not be tried! Failover settings will also #
-# apply to autoconnected servers as well as manually #
-# connected ones. #
-# #
-# timeout - If this is defined, then outbound connections will #
-# time out if they are not connected within this many #
-# seconds. If this is not defined, the default of ten #
-# seconds is used. #
-# #
-# bind - If you specify this value, then when creating an #
-# outbound connection to the given server, the IP you #
-# place here will be bound to. This is for multi- #
-# homed servers which may have multiple IP addresses. #
-# if you do not define this value, the first IP that #
-# is not empty or localhost from your <bind> tags #
-# will be bound to. This is usually acceptable, #
-# however if your server has multiple network cards #
-# then you may have to manually specify the bind #
-# value instead of leaving it to automatic binding. #
-# you can usually tell if you need to set this by #
-# looking for the error 'Could not assign requested #
-# address' in your log when connecting to servers. #
-# #
-# hidden - If this is set to true, yes, or 1, then the server #
-# is completely hidden from non-opers. It does not #
-# show in /links and it does not show in /map. Also, #
-# any servers which are child servers of this one #
-# in the network will *also* be hidden. Use with #
-# care! You can use this to 'mask off' sections of #
-# the network so that users only see a small portion #
-# of a much larger net. It should NOT be relied upon #
-# as a security tool, unless it is being used for #
-# example to hide a non-client hub, for which clients #
-# do not have an IP address or resolvable hostname. #
-# #
-# To u:line a server (give it extra privileges required for running #
-# services, Q, etc) you must include the <uline server> tag as shown #
-# in the example below. You can have as many of these as you like. #
-# #
-# WARNING: Unlike other ircds, u:lining a server allows ALL users on #
-# that server to operoverride modes. This should only be used for #
-# services and protected oper servers! #
-# #
-# ------------------------------------------------------------------- #
-# #
-# NOTE: If you have built your server as an IPv6 server, then when a #
-# DNS lookup of a server's host occurs, AAAA records (IPv6) are #
-# prioritised over A records (IPv4). Therefore, if the server you are #
-# connecting to has both an IPv6 IP address and an IPv4 IP address in #
-# its DNS entry, the IPv6 address will *always* be selected. To #
-# change this behaviour simply specify the IPv4 IP address rather #
-# than the hostname of the server. #
-# #
-# ------------------------------------------------------------------- #
-# #
-# ____ _ _____ _ _ ____ _ _ _ #
-# | _ \ ___ __ _ __| | |_ _| |__ (_)___ | __ )(_) |_| | #
-# | |_) / _ \/ _` |/ _` | | | | '_ \| / __| | _ \| | __| | #
-# | _ < __/ (_| | (_| | | | | | | | \__ \ | |_) | | |_|_| #
-# |_| \_\___|\__,_|\__,_| |_| |_| |_|_|___/ |____/|_|\__(_) #
-# #
-# If you want to link servers to InspIRCd you must load the #
-# m_spanningtree.so module! Please see the modules list below for #
-# information on how to load this module! If you do not load this #
-# module, server links will NOT work! #
-# #
-# Also, if you define any transports, you must load the modules for #
-# these transports BEFORE you load m_spanningtree, e.g. place them #
-# above it in the configuration file. Currently this means the three #
-# modules m_ssl_gnutls, m_ziplinks and m_ssl_openssl, depending on #
-# which you choose to use. #
-# #
-
-<link name="hub.penguin.org"
- ipaddr="penguin.box.com"
- port="7000"
- allowmask="69.58.44.0/24"
- autoconnect="300"
- failover="hub.other.net"
- timeout="15"
- transport="gnutls"
- bind="1.2.3.4"
- statshidden="no"
- hidden="no"
- sendpass="outgoing!password"
- recvpass="incoming!password">
-
-<link name="services.antarctic.com"
- ipaddr="localhost"
- port="7000"
- allowmask="127.0.0.0/8"
- sendpass="penguins"
- recvpass="polarbears">
-
-
-#-#-#-#-#-#-#-#-#-#-#-#- ULINES CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#-#
-# This tag defines a ulined server. A U-Lined server has special #
-# permissions, and should be used with caution. Services servers are #
-# usually u-lined in this manner. #
-# #
-# The 'silent' value, if set to yes, indicates that this server should#
-# not generate quit and connect notices, which can cut down on noise #
-# to opers on the network. #
-# #
-<uline server="services.antarctic.com" silent="yes">
+# This file has all the information about oper classes, types and o:lines.
+# You *MUST* edit it.
+<include file="opers.conf.example">
+# This file has all the information about server links and ulined servers.
+# You *MUST* edit it if you intend to link servers.
+<include file="links.conf.example">
#-#-#-#-#-#-#-#-#-#- MISCELLANEOUS CONFIGURATION -#-#-#-#-#-#-#-#-#-#
# #
diff --git a/conf/links.conf.example b/conf/links.conf.example
new file mode 100644
index 000000000..e304cd0e6
--- /dev/null
+++ b/conf/links.conf.example
@@ -0,0 +1,111 @@
+#-#-#-#-#-#-#-#-#-#-#- SERVER LINK CONFIGURATION -#-#-#-#-#-#-#-#-#-#
+# #
+# Defines which servers can link to this one, and which servers this #
+# server may create outbound links to. #
+# #
+# If you would like more detailed options, but a slightly more #
+# painful configuration, please see inspircd.conf.example.old #
+# #
+# ____ _ _____ _ _ ____ _ _ _ #
+# | _ \ ___ __ _ __| | |_ _| |__ (_)___ | __ )(_) |_| | #
+# | |_) / _ \/ _` |/ _` | | | | '_ \| / __| | _ \| | __| | #
+# | _ < __/ (_| | (_| | | | | | | | \__ \ | |_) | | |_|_| #
+# |_| \_\___|\__,_|\__,_| |_| |_| |_|_|___/ |____/|_|\__(_) #
+# #
+# If you want to link servers to InspIRCd you must load the #
+# m_spanningtree.so module! Please see the modules list below for #
+# information on how to load this module! If you do not load this #
+# module, server links will NOT work! #
+# #
+# Also, if you define any transports, you must load the modules for #
+# these transports BEFORE you load m_spanningtree, e.g. place them #
+# above it in the configuration file. Currently this means the three #
+# modules m_ssl_gnutls, m_ziplinks and m_ssl_openssl, depending on #
+# which you choose to use. #
+# #
+
+<link name="hub.penguin.org"
+
+ # ipaddr: The IP address of the remote server.
+ # Can also be a hostname, but hostname must resolve.
+ ipaddr="penguin.box.com"
+
+ # port: the port to connect to this server on
+ port="7000"
+
+ # allowmask: Range of IP addresses to allow for this link.
+ # Can be a CIDR (see example).
+ allowmask="69.58.44.0/24"
+
+ # autoconnect: Time to wait to attempt to autoconnect
+ # to remote server (in seconds).
+ autoconnect="300"
+
+ # failover: If defined, if this link fails,
+ # what is the next link that is tried.
+ failover="hub.other.net"
+
+ # timeout: If defined, this option defines how long the server
+ # will wait to consider the connect attempt failed and try the
+ # failover (see above).
+ timeout="15"
+
+ # transport: If defined, this states extra modules that can be
+ # used in the connection. Options are: "openssl" and "gnutls"
+ # for encryption (they are compatible with each other) and
+ # "zip" for compression. You must use the same (or a compa-
+ # tible) transport on both sides of the link.
+ transport="gnutls"
+
+ # bind: Local IP address to bind to.
+ bind="1.2.3.4"
+
+ # statshidden: defines if IP is shown to opers when
+ # /stats c is invoked.
+ statshidden="no"
+
+ # hidden: If this is set to yes, this server and it's "child"
+ # servers will not be shown when users do a /map or /links
+ hidden="no"
+
+ # passwords: the passwords we send and recieve.
+ # The remote server will have these passwords reversed.
+ sendpass="outgoing!password"
+ recvpass="incoming!password">
+
+# A duplicate of the first link block without comments
+# if you like copying & pasting.
+<link name="hub.penguin.org"
+ ipaddr="penguin.box.com"
+ port="7000"
+ allowmask="69.58.44.0/24"
+ autoconnect="300"
+ failover="hub.other.net"
+ timeout="15"
+ transport="gnutls"
+ bind="1.2.3.4"
+ statshidden="no"
+ hidden="no"
+ sendpass="outgoing!password"
+ recvpass="incoming!password">
+
+# Link block for services. Options are the same as for the first
+# link block (depending on what your services package supports).
+<link name="services.antarctic.com"
+ ipaddr="localhost"
+ port="7000"
+ allowmask="127.0.0.0/8"
+ sendpass="penguins"
+ recvpass="polarbears">
+
+
+#-#-#-#-#-#-#-#-#-#-#-#- ULINES CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#-#
+# This tag defines a ulined server. A U-Lined server has special #
+# permissions, and should be used with caution. Services servers are #
+# usually u-lined in this manner. #
+# #
+# The 'silent' value, if set to yes, indicates that this server should#
+# not generate quit and connect notices, which can cut down on noise #
+# to opers on the network. #
+# #
+<uline server="services.antarctic.com" silent="yes">
diff --git a/conf/modules.conf.example b/conf/modules.conf.example
index cd40f50d5..6b5bb6dbe 100644
--- a/conf/modules.conf.example
+++ b/conf/modules.conf.example
@@ -32,6 +32,7 @@
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Spanning Tree module - allows linking of servers using the spanning
# tree protocol (see the READ THIS BIT section above).
+# You will almost always want to load this.
#
#<module name="m_spanningtree.so">
@@ -162,7 +163,9 @@
#<module name="m_allowinvite.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Alltime module: Shows time on all connected servers at once
+# Alltime module: Shows time on all connected servers at once.
+# This module is oper-only and provides /alltime.
+# To use, ALLTIME must be in one of your oper class blocks.
#<module name="m_alltime.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
@@ -276,6 +279,8 @@
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# CBAN module: Lets you disallow channels from being used at runtime.
+# This module is oper-only and provides /cban.
+# To use, CBAN must be in one of your oper class blocks.
#<module name="m_cban.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
@@ -334,7 +339,8 @@
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Channel create module: Adds snomask +j, which will notify opers of
-# any new channels that are created
+# any new channels that are created.
+# This module is oper-only.
#<module name="m_chancreate.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
@@ -365,10 +371,14 @@
# Check module: gives /check
# Check is useful for looking up information on channels,
# users, IP addresses and hosts.
+# This module is oper-only.
+# To use, CHECK must be in one of your oper class blocks.
#<module name="m_check.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# CHGHOST module: Adds the /CHGHOST command
+# This module is oper-only.
+# To use, CHGHOST must be in one of your oper class blocks.
#<module name="m_chghost.so">
#
#-#-#-#-#-#-#-#-# /CHGHOST - /SETHOST CONFIGURATION #-#-#-#-#-#-#-#-#
@@ -382,16 +392,22 @@
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# CHGIDENT module: Adds the /CHGIDENT command
+# This module is oper-only.
+# To use, CHGIDENT must be in one of your oper class blocks.
#<module name="m_chgident.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# CHGNAME module: Adds the /CHGNAME command
+# This module is oper-only.
+# To use, CHGNAME must be in one of your oper class blocks.
#<module name="m_chgname.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Cloaking module: Adds usermode +x and cloaking support.
# Relies on the module m_md5.so being loaded before m_cloaking.so in
# the configuration file.
+# To use, you should enable m_conn_umodes and add +x as
+# an enabled mode. See the m_conn_umodes module for more information.
#<module name="m_cloaking.so">
#
#-#-#-#-#-#-#-#-#-#-#- CLOAKING CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#
@@ -427,12 +443,16 @@
#-#-#-#-#-#-#-#-#-#-#-#- CLOSE MODULE #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Close module: Allows an oper to close all unregistered connections.
+# This module is oper-only and provides /close.
+# To use, CLOSE must be in one of your oper class blocks.
#<module name="m_close.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Clones module: Adds an oper command /CLONES for detecting cloned
# users. Warning: This module may be resource intensive when its
# command is issued, use with care.
+# This module is oper-only.
+# To use, CLONES must be in one of your oper class blocks.
#<module name="m_clones.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
@@ -661,11 +681,17 @@
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Globops module: gives /GLOBOPS and SNOMASK +g
+# This module is oper-only.
+# To use, GLOBOPS must be in one of your oper class blocks.
#<module name="m_globops.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Global load module: Allows loading and unloading of modules network-
# wide (USE WITH EXTREME CAUTION!)
+# This module is oper-only and provides /gloadmodule, /gunloadmodule
+# and /greloadmodule.
+# To use, GLOADMODULE, GUNLOADMODULE and GRELOADMODULE
+# must be in one of your oper class blocks.
#<module name="m_globalload.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
@@ -683,11 +709,13 @@
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# HIDECHANS module: Allows opers to hide their channels list from non-
# opers by setting user mode +I on themselves.
+# This module is oper-only.
# <module name="m_hidechans.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# HIDEOPER module: Allows opers to hide their oper status from non-
# opers by setting user mode +H on themselves.
+# This module is oper-only.
# <module name="m_hideoper.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
@@ -787,6 +815,8 @@
# IMPORTANT NOTE: To allow this mode to be used by a type of oper, you
# must first add the value canquiet="yes" to that oper's type tag.
#
+# This module is oper-only.
+#
#<module name="m_invisible.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
@@ -795,6 +825,8 @@
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Jump Server module: Adds support for the RPL_REDIR numeric
+# This module is oper-only.
+# To use, JUMPSERVER must be in one of your oper class blocks.
#<module name="m_jumpserver.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
@@ -860,6 +892,9 @@
# you can control who has access to this possible dangerous command. #
# If your server is locked and you got disconnected, do a REHASH from #
# shell to open up again.
+#
+# This module is oper-only.
+#
#<module name="m_lockserv.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
@@ -906,6 +941,8 @@
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Nicklock module: Let opers change a user's nick and then stop that
# user from changing their nick again.
+# This module is oper-only.
+# To use, NICKLOCK and NICKUNLOCK must be in one of your oper class blocks.
#<module name="m_nicklock.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
@@ -929,10 +966,12 @@
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Oper channels mode: Adds the +O channel mode
+# This module is oper-only.
#<module name="m_operchans.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Oper flood module: Removes flood limits from users upon opering up
+# This module is oper-only.
#<module name="m_operflood.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
@@ -940,13 +979,14 @@
# given oper type masks.
# e.g, /mode #channel +iI O:* is equivilant to chmode +O, but you
# may also, e.g. /mode #channel +iI O:AdminTypeOnly to only allow admins.
-#
+# This module is oper-only.
# +be work in a similar fashion.
#
#<module name="m_operinvex.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Oper Join module: Auto-joins opers to a channel upon oper-up
+# This module is oper-only. For the user equivalent, see m_conn_join.
#<module name="m_operjoin.so">
#
#-#-#-#-#-#-#-#-#-#-# OPERJOIN CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
@@ -969,11 +1009,13 @@
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Oper log module: Logs all oper commands to the ircd log at default
# loglevel.
+# This module is oper-only.
#<module name="m_operlog.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Oper MOTD module: Provides support for seperate message of the day
# on oper-up
+# This module is oper-only.
#<module name="m_opermotd.so">
#
#-#-#-#-#-#-#-#-#-#-# OPERMOTD CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
@@ -984,6 +1026,7 @@
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Override module: Adds support for oper override
+# This module is oper-only.
#<module name="m_override.so">
#
#-#-#-#-#-#-#-#-#-#-# OVERRIDE CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
@@ -995,18 +1038,21 @@
# Oper levels module: Gives each oper a level and prevents
# actions being taken against higher level opers
# Specify the level as the 'level' parameter of the <type> tag
+# # This module is oper-only.
#<module name="m_operlevels.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Oper modes module: Allows you to specify modes to add/remove on oper
# Specify the modes as the 'modes' parameter of the <type> tag
# and/or as the 'modes' parameter of the <oper> tag.
+# This module is oper-only. For the user equivalent, see m_conn_umodes
#<module name="m_opermodes.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Oper password hash module: Allows hashed oper passwords
# Relies on the module m_md5.so and/or m_sha256.so being loaded before
# m_password_hash.so in the configuration file.
+# This module is oper-only.
#<module name="m_password_hash.so">
#
#-#-#-#-#-#-#-#-#-#-# OPER HASH CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#-#
@@ -1031,6 +1077,7 @@
# therefore keep things like modes, ban lists and topic. Permanent
# channels -may- need support from your Services package to function
# properly with them. This adds channel mode +P.
+# This module is oper-only.
#<module name="m_permchannels.so">
#
# You may also create channels on startup by using the <permchannels> block.
@@ -1183,22 +1230,32 @@
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# SAJOIN module: Adds the /SAJOIN command
+# This module is oper-only.
+# To use, SAJOIN must be in one of your oper class blocks.
#<module name="m_sajoin.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# SAMODE module: Adds the oper /SAMODE command
+# This module is oper-only.
+# To use, SAMODE must be in one of your oper class blocks.
#<module name="m_samode.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# SANICK module: Allows opers to change user's nicks
+# This module is oper-only.
+# To use, SANICK must be in one of your oper class blocks.
#<module name="m_sanick.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# SAPART module: Adds the oper /SAPART command
+# This module is oper-only.
+# To use, SAPART must be in one of your oper class blocks.
#<module name="m_sapart.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# SAQUIT module: Adds the oper /SAQUIT command (abusable!!!)
+# This module is oper-only.
+# To use, SAQUIT must be in one of your oper class blocks.
#<module name="m_saquit.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
@@ -1232,11 +1289,14 @@
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# See nicks module: Allow for SNOMASK +N which shows nick changes.
+# This module is oper-only.
#<module name="m_seenicks.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Set Idle module: Adds a command for opers to change their
# idle time (mainly a toy)
+# This module is oper-only.
+# To use, SETIDLE must be in one of your oper class blocks.
#<module name="m_setidle.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
@@ -1247,6 +1307,8 @@
# N O T E!!
# >> This CAN NOT be used at the same time as m_services_account <<
# N O T E!!
+# *** This module DOES NOT support Atheme services, please use ***
+# *** m_services_account if you are planning on using Atheme. ***
#<module name="m_services.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
@@ -1265,15 +1327,21 @@
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Sethost module: Adds the /SETHOST command
+# This module is oper-only.
+# To use, SETHOST must be in one of your oper class blocks.
# See m_chghost for how to customise valid chars for hostnames
#<module name="m_sethost.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Setident module: Adds the /SETIDENT command
+# This module is oper-only.
+# To use, SETIDENT must be in one of your oper class blocks.
#<module name="m_setident.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# SETNAME module: Adds the /SETNAME command
+# This module is oper-only.
+# To use, SETNAME must be in one of your oper class blocks.
#<module name="m_setname.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
@@ -1284,11 +1352,14 @@
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Show Whois module: Adds the +W usermode which allows opers
# to see when they are whois'ed (can be annoying).
+# This module is oper-only.
#<module name="m_showwhois.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Shun module: Provides the /shun command, which stops a user executing
# most commands.
+# This module is oper-only.
+# To use, SHUN must be in one of your oper class blocks.
#<module name="m_shun.so">
#
# You may also configure which commands you wish a user to be able to
@@ -1301,6 +1372,7 @@
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Spy module: Provides the ability to see the complete names list of
# channels an oper is not a member of
+# This module is oper-only.
#<module name="m_spy.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
@@ -1362,6 +1434,7 @@
# be loaded. An extra value should be added to enabled opers, which
# is in the following format: fingerprint="<hash>". For more information,
# see the example in the oper blocks.
+# This module is oper-only.
#<module name="m_ssl_oper_cert.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
@@ -1448,11 +1521,15 @@
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# SWHOIS module: Allows you to add arbitary lines to user WHOIS.
+# This module is oper-only.
+# To use, SWHOIS must be in one of your oper class blocks.
#<module name="m_swhois.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Taxonomy module: Adds the /TAXONOMY command, used to view all
# metadata attached to a user.
+# This module is oper-only.
+# To use, TAXONOMY must be in one of your oper class blocks.
#<module name="m_taxonomy.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
@@ -1461,11 +1538,15 @@
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Timed bans module: Adds timed bans and the /TBAN command
+# This module is oper-only.
+# To use, TBAN must be in one of your oper class blocks.
#<module name="m_timedbans.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Test line module: Adds the /TLINE command, used to test how many
# users a /GLINE or /ZLINE etc would match.
+# This module is oper-only.
+# To use, TLINE must be in one of your oper class blocks.
#<module name="m_tline.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
@@ -1484,6 +1565,8 @@
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Userip module: Adds the /USERIP command
+# This module is oper-only.
+# To use, USERIP must be in one of your oper class blocks.
#<module name="m_userip.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
diff --git a/conf/opers.conf.example b/conf/opers.conf.example
new file mode 100644
index 000000000..27e748781
--- /dev/null
+++ b/conf/opers.conf.example
@@ -0,0 +1,116 @@
+#-#-#-#-#-#-#-#-#-#-#-#- CLASS CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-
+# #
+# Classes are a group of commands which are grouped together and #
+# given a unique name. They're used to define which commands #
+# are available to certain types of Operators. #
+# #
+# #
+# Note: It is possible to make a class which covers all available #
+# commands. To do this, specify commands="*". This is not really #
+# recommended, as it negates the whole purpose of the class system, #
+# however it is provided for fast configuration (e.g. in test nets) #
+# #
+
+<class
+ name="Shutdown"
+
+ # commands: oper commands that users of this class can run.
+ commands="DIE RESTART REHASH LOADMODULE UNLOADMODULE RELOAD"
+
+ # usermodes: Oper-only usermodes that opers with this class can use.
+ usermodes="*"
+
+ # chanmodes: Oper-only channel modes that opers with this class can use.
+ chanmodes="*">
+
+<class name="ServerLink" commands="CONNECT SQUIT RCONNECT MKPASSWD MKSHA256" usermodes="*" chanmodes="*">
+<class name="BanControl" commands="KILL GLINE KLINE ZLINE QLINE ELINE" usermodes="*" chanmodes="*">
+<class name="OperChat" commands="WALLOPS GLOBOPS SETIDLE SPYLIST SPYNAMES" usermodes="*" chanmodes="*">
+<class name="HostCloak" commands="SETHOST SETIDENT SETNAME CHGHOST CHGIDENT" usermodes="*" chanmodes="*">
+
+
+#-#-#-#-#-#-#-#-#-#-#-#- OPERATOR COMPOSITION -#-#-#-#-#-#-#-#-#-#-#
+# #
+# This is where you specify which types of operators you have on #
+# your server, as well as the commands they are allowed to use. #
+# This works alongside with the classes specified above. #
+# #
+
+<type
+ # name: Name of type. Used in actual olines below.
+ # Cannot contain spaces. If you would like a space, use
+ # the _ character instead and it will translate to a space on whois.
+ name="NetAdmin"
+
+ # classes: classes (above blocks) that this type belongs to.
+ classes="OperChat BanControl HostCloak Shutdown ServerLink"
+
+ # host: host oper gets on oper-up. This is optional.
+ host="netadmin.omega.org.za"
+
+ # modes: usermodes besides +o that are set on a oper of this type
+ # when they oper up. Used for snomasks and other things.
+ # Requires that m_opermodes.so be loaded.
+ modes="+n">
+
+<type name="GlobalOp" classes="OperChat BanControl HostCloak ServerLink" host="ircop.omega.org.za">
+<type name="Helper" classes="HostCloak" host="helper.omega.org.za">
+
+
+#-#-#-#-#-#-#-#-#-#-#- OPERATOR CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
+# #
+# Opers are defined here. This is a very important section. #
+# Remember to only make operators out of trust worthy people. #
+# #
+
+# oline with plain-text password
+<oper
+ # name: oper login that is used to oper up (/oper name password).
+ # Remember: This is case sensitive
+ name="Brain"
+
+ # password: case-sensitive, unhashed...yea...self-explanatory.
+ password="s3cret"
+
+ # host: What hostnames/IP's are allowed to oper up with this oline.
+ # Multiple options can be separated by spaces and CIDR's are allowed.
+ host="ident@dialup15.isp.com *@localhost *@server.com *@3ffe::0/16"
+
+ # ** ADVANCED ** This option is disabled by default.
+ # fingerprint: When using the m_oper_ssl_cert module, you may specify
+ # a key fingerprint here. This can be obtained by using the
+ # /fingerprint command while the module is loaded. This enhances
+ # security by verifying that the person opering up has the matching
+ # key/certificate combination. This enhances security a great deal.
+ # If m_oper_ssl and/or m_ssl_gnutls/m_ssl_openssl aren't loaded,
+ # this option will be ignored.
+ #fingerprint="67:CB:9D:C0:13:24:8A:82:9B:B2:17:1E:D1:1B:EC:D4"
+
+ # type: What oper type this oline is. See the block above for list
+ # of types. NOTE: This is case-sensitive as well.
+ type="NetAdmin">
+
+# oline with hashed password. It is highly recommended to use hashed passwords.
+<oper
+ # name: oper login that is used to oper up (/oper name password).
+ # Remember: This is case sensitive
+ name="Brain"
+
+ # hash: what hash this password is hashed with. requires the module
+ # for selected hash (m_md5.so, m_sha256.so or m_ripemd160) be
+ # loaded and the oper password hashing module (m_password_hash.so)
+ # loaded. Options here are: "md5", "sha256" and "ripemd160".
+ hash="sha256"
+
+ # password: a hash of your password (see above option) hashed
+ # with /mkpasswd *hash* *password* . See m_password_hash in modules.conf
+ # for more information about password hashing.
+ password="1ec1c26b50d5d3c58d9583181af8076655fe00756bf7285940ba3670f99fcba0"
+
+ # host: What hostnames/IP's are allowed to oper up with this oline.
+ # Multiple options can be separated by spaces and CIDR's are allowed.
+ host="ident@dialup15.isp.com *@localhost *@server.com *@3ffe::0/16"
+
+ # type: What oper type this oline is. See the block above for list
+ # of types. NOTE: This is case-sensitive as well.
+ type="NetAdmin">